Stay Informed
of New Reports
Twitter
Report Waste, Fraud
Abuse, Or Retaliation
Report Waste Fraud, Abuse, Or Retaliation

EAC Compliance with the Federal Information Security Modernization Act Fiscal Year 2020

Submitting OIG: 
Election Assistance Commission OIG
Report Description: 
Fiscal Year 2020 audit of EAC's compliance with the Federal Information Security Modernization Act (FISMA) of 2014
Short / Alternative Report Title: 
EAC FY 2020 FISMA Audit
Date Issued: 
Thursday, December 17, 2020
Agency Reviewed / Investigated: 
Election Assistance Commission
Submitting OIG-Specific Report Number: 
I-PA-EAC-02-20
Location(s): 
Agency-Wide
Type of Report: 
Audit
Questioned Costs: 
$0
Funds for Better Use: 
$0
Number of Recommendations: 
5
View Document: 
AttachmentSize
PDF icon EAC FY 20 FISMA Final Report I-PA-EAC-02-20_Web.pdf958.77 KB

Related Open Recommendations

Recommendation Number Recommendation Status Significant Recommendation Additional Details
1 Open No
EAC OIT should prepare an authorization package for its Microsoft Azure system that includes a security and privacy plan, security and privacy assessment report, plans of action and milestones, and an executive summary.
2 Open No
EAC OIT should ensure Data Owners sign user access recertifications.
3 Open No
EAC OIT should implement DMARC policy and HSTS security controls required by DHS Binding Operational Directive 18-01.
4 Open No
EAC OIT should reconcile its physical inventory to its inventory system report and update inventory records for separated employees to reflect the EAC operating environment accurately.
5 Open No
EAC OIT should prepare performance metrics that measure the effectiveness or efficiency of its information security program and security controls the EAC employs in support of its programs.
Displaying 5 of 5 Recommendations